Hello All,

I am configuring OTRS to use LDAP authentication against Lotus Domino.

I have created 2 groups in Domino called otrsAgent (agents only) and
otrsCustomer (everybody else).

So, all the agents can authenticate, and if it is the first time, their
account is created as well. Works great.

But if a Customer tries to authenticate, it says "Login failed! Your
username or password was entered incorrectly." The OTRS log file says:

[Tue Aug 30 15:57:37 2005][Notice][Kernel::System::Auth::LDAP::Auth] User:
admindomino.cyclades authentication failed, no LDAP group entry
foundGroupDN='cn=otrsAgent', Filter='(member=CN=Admindomino
Cyclades,O=Cyclades)'! (REMOTE_ADDR: 192.168.44.203).

If you noticed, it tried the Agent group instead of the Customer group. I
have also checked the TCP packets using tcpdump and I noticed that if the
user is valid and it is not in the Agent group, OTRS is not checking the
Customer group.

Here is my configuration at Kernel/Config.pm:

    # Agent Authentication
    $Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';

    $Self->{'AuthModule::LDAP::Host'} = 'usldap.cyclades.com';
    $Self->{'AuthModule::LDAP::BaseDN'} = 'o=cyclades';
    $Self->{'AuthModule::LDAP::UID'} = 'uid';

    $Self->{'AuthModule::LDAP::SearchUserDN'} = '';
    $Self->{'AuthModule::LDAP::SearchUserPw'} = '';

    $Self->{'AuthModule::LDAP::GroupDN'} = 'cn=otrsAgent';
    $Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
    $Self->{'AuthModule::LDAP::UserAttr'} = 'DN';

    # Customer Authentication
    $Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
    $Self->{'Customer::AuthModule::LDAP::Host'} = 'usldap.cyclades.com';
    $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'o=cyclades';
    $Self->{'Customer::AuthModule::LDAP::UID'} = 'uid';

    $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = '';
    $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = '';

    $Self->{'Customer::AuthModule::LDAP::GroupDN'} = 'cn=otrsCustomer';
    $Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
    $Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN';

    $Self->{CustomerUser} = {
        Module => 'Kernel::System::CustomerUser::LDAP',
        Params => {
            Host => 'usldap.cyclades.com',
            BaseDN => 'cn=otrsCustomer',
            SSCOPE => 'sub',
            UserDN => '',
            UserPw => '',
        },
        CustomerKey => 'uid',
        CustomerID => 'uid',
        CustomerUserListFields => ['uid', 'cn', 'mail'],
        CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
        CustomerUserPostMasterSearchFields => ['mail'],
        CustomerUserNameFields => ['givenname', 'sn'],
        Map => [
            # note: Login, Email and CustomerID needed!
            # var, frontend, storage, shown, required, storage-type
            [ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
            [ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
            [ 'UserLogin', 'Login', 'uid', 1, 1, 'var' ],
            [ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
            [ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
        ],
    };


Thanks in advance for any help.

Paulo K
_____________________________________________
Paulo Roberto Kappke
Systems/Network Administrator, Sr.
Cyclades Corporation
Phone: +1 (510) 771-6241
Fax:   +1 (510) 771-6200
E-mail: [EMAIL PROTECTED]

http://www.cyclades.com
_____________________________________________
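
A parser for the log record quoted in the message above, added here as an example and not part of the original post or of OTRS. It reports which configured auth module wrote the record and which group and member DN were queried, so the result can be compared with the posted Kernel/Config.pm. The module and group table is taken from that configuration; the function and variable names are hypothetical.

```python
import re

# Auth modules and group DNs as set in the Kernel/Config.pm posted above.
CONFIG = {
    "Kernel::System::Auth::LDAP": ("agent", "cn=otrsAgent"),
    "Kernel::System::CustomerAuth::LDAP": ("customer", "cn=otrsCustomer"),
}

RECORD_RE = re.compile(
    r"\[(?P<time>[^\]]+)\]\[(?P<level>[^\]]+)\]\[(?P<module>[^\]]+)\]\s*"
    r"User:\s*(?P<user>\S+) authentication failed, no LDAP group entry\s*"
    r"found\s*GroupDN='(?P<group_dn>[^']*)',\s*Filter='(?P<filter>[^']*)'!"
    r"\s*\(REMOTE_ADDR:\s*(?P<addr>[^)]+)\)"
)
FILTER_RE = re.compile(r"^\((?P<attr>[^=]+)=(?P<value>.*)\)$")

# Record copied from the message above, including the mail client's line wraps.
SAMPLE = """[Tue Aug 30 15:57:37 2005][Notice][Kernel::System::Auth::LDAP::Auth] User:
admindomino.cyclades authentication failed, no LDAP group entry
foundGroupDN='cn=otrsAgent', Filter='(member=CN=Admindomino
Cyclades,O=Cyclades)'! (REMOTE_ADDR: 192.168.44.203)."""


def parse_group_failure(raw):
    """Return the fields of one group-check failure record, or None."""
    # Undo the line wrapping before matching.
    text = " ".join(part.strip() for part in raw.strip().splitlines())
    m = RECORD_RE.search(text)
    if m is None:
        return None
    rec = m.groupdict()
    # The logged name has a trailing component (::Auth) that the config value
    # lacks, so match the configured module by prefix.
    rec["interface"], expected = next(
        (v for k, v in CONFIG.items()
         if rec["module"] == k or rec["module"].startswith(k + "::")),
        ("unknown", None),
    )
    rec["group_matches_config"] = expected == rec["group_dn"]
    f = FILTER_RE.match(rec["filter"])
    rec["member_attr"], rec["member_dn"] = (f["attr"], f["value"]) if f else (None, None)
    return rec


if __name__ == "__main__":
    r = parse_group_failure(SAMPLE)
    print(f"{r['user']}: handled by {r['interface']} module, checked "
          f"{r['group_dn']} for {r['member_attr']}={r['member_dn']}")
```

An `interface` value of `agent` means the record was written by the module configured as `AuthModule`, not by the one configured as `Customer::AuthModule`.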
